Last week I had a small task to complete, attaching the certificate to Symantec Messaging Gateway.
being honest with you, it took me some time to realize how to upload it, the process was different, I used to do these tasks in Windows environments, easily and quickly but in this scenario, I have done several things which were not familiar with it.
Before starting the process, we have to make sure that our CA is under “Certificate Authority“, most of the common providers are already there, but if you have purchased the certificate from some provider which is not under this CA you have to upload it, likewise “SllStore, AlphaSsl”:
We have to convert the PFX to PEM file and then export the file without the passphrase, as it is on Fortigate, I take the PFX and convert it using OpenSSL
Run this first – converting the PFX to PEM
openssl pkcs12 -in Prk.pfx -out file.pem -nodes
Enter the password of the PFX.
And then export the PEM file without the passphrase
openssl rsa -in file.pem -out key-nopass.pem
Open a new “Text file” and copy the content from “key-nopass.pem” and past it, in addition, edit the CRT file you got from you Certificate authority and paste it into a new text file.
so basically you have a new TXT file which contains the new PEM file and Crt file.
If you don’t have the CRT file you can convert it using your pfx using the following command:
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]
Save this TXT file as “PEM” and upload it to SMG:
At the end, make sure you choose the correct certificate on “Control Center Settings“: